Application No.: 10/766,869 

II. Amendments to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

A. Listing of Claims 
1 . (Currently Amended) A management system of a public key certificate comprising: a first 
certificate authority: a service provider which verifies validity of a presented public key 
certificate and, if the verification can correctly be made, provides a service; a second certificate 
authority on which said service provider relies; and a smart card, wherein 

said smart card comprises [[:]] a storing unit and a certificate issuing unit, 
[[a]] said storing unit [[which]] stores: 

a first private key and a first public key making a pair together therewith which 
are necessary to issue a certificate to said second certificate authority, a first certificate issued for 
said first public key from said first certificate authority , 

a second private key and a second public key making a pair together therewith 
which are generated to receive a service from said service provider, and 

a second certificate which is issued for said second public key by said second 
certificate authority on which said service provider relies [[; and]] 1 

a k e y generating unit which g e n e rat e s said first and s e cond public keys and said 
first and s e cond private keys, 

said second certificate authority comprises: 

a storing unit which stores a third private key for generating [[a]] the second 
certificate of said second public key for said smart card and [[said]] a third certificate which is 
issued to a third public key making a pair together with said third private key; and 
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a certificate generating unit which generates the second certificate for said second 
public key on the basis of an issuing request, and 

said certificate issuing unit of said smart card comprises a third certificate 
generating unit which issues the third certificate [[of]] for said third public key stored in said 
second certificate authority by using said stored first private key on the basis of an issuing 
request for the certificate from said second certificate authority. 

2. (Currently Amended) A system according to claim 1, wherein 

at least one of said first certificate authority and said second certificate authority 
further comprises: 

a revocation information generating unit for generating revocation information of 
the respective certificate on the basis of a revoking request for the respective certificate; and 

a revocation information database for storing the revocation information 
generated by said revocation information generating unit, 

said smart card presents said first and second certificates to said service provider 
in order to receive the service from said service provider, and 

said service provider comprises a certificate verifying unit for inquiring of [[said]] 
the respective certificate authority about the revocation information of said first and second 
certificates when the validity of said presented first and second certificates is verified. 

3. (Currently Amended) A system according to claim 1, wherein 

said smart card constructs said storing unit as an ar e a which is sp e cific to said 
comprising a service provider specific area and 

includes a service provider authenticating unit for permitting only said service 
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provider corresponding to said specific area to access said specific area. 

4. (Currently Amended) A system according to claim [[1]] 3, wherein 

a specific area of said service provider specific area of said smart card and data 
stored in said certificate generating unit in said smart card have been encrypted. 

5. (Currently Amended) A system according to claim 1, further comprising 

a certificate validation authority, and 

said certificate validation authority making validity verification of th e certificate 
at least one of said first certificate and said second certificate, by [[said]] a certificate verifying 
unit of said service provider as an alternative of said service provider. 

6. (Currently Amended) A system according to claim 1, further comprising 

a certificate storage authority, and 

said certificate storage authority holding a plurality of certificates stored in said 
smart card as an alternative of said smart card and providing said c e rtificat e certificates in 
accordance with a request. 

7. (Currently Amended) A system according to claim 2, wherein 

when said second certificate authority verifies said second certificate, said service 
provider transmits a challenge to said smart card, 
said smart card 

encrypts said challenge by said second private key and transmits said encrypted 
challenge, the second certificate corresponding to said second private key, and the first certificate 
corresponding to said first private key to said service provider, 
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said service provider further comprises: 

a certificate verifying unit for decrypting said encrypted challenge, confirming 
whether the decrypted challenge coincides with said challenge transmitted to said smart card, 
obtaining the revocation information of said received first and second certificates, and executing 
the verifying process of said first and second certificates by using said obtained revocation 
information; and 

a service providing unit for providing the services in response to a decision 
indicating that said first and second certificates are valid in said verifying process. 

8. (Currently Amended) A system according to claim [[7]] 2, wherein said certificate verifying 
unit of said service provider decides that when said first certificate is revoked, said second 
certificate is also revoked. 

said smart card 

constructs said storing unit as an ar e a specific to said s e rvic e provid e r and, 

when said s e rvic e provid e r transmits and r e c e ives data to/from said s e rvic e 

provider specific ar e a, 

said se rvice provid e r e x e cut e s a mutual auth e nticating proc e ss b e twe e n said 

s e rvice provid e r and said s e rvic e provider sp e cific ar e a. 

9. (Original) A system according to claim 7, wherein 

when data is stored into said service provider specific area of said smart card and 
into said certificate generating unit, said data is encrypted and thereafter stored. 
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